How to Protect Your Facebook Fan Page from Hackers
Have you noticed that some of your favorite Facebook fan pages have been posting strange or inappropriate content lately? You might be wondering if they have been hacked or taken over by someone else. Unfortunately, this is a common problem that many page owners and admins face, especially if their pages have a large number of followers or are related to popular topics or celebrities.
This week alone I watched several huge gaming and cosplay fan pages change their name and content within the blink of an eye. While Facebook has a lot of Do’s and Don’ts for protecting your page, their customer service is severely lacking when it comes to reaching an actual person and reporting a stolen page.
It’s more likely that the people operating the fan accounts fell victim to phishing scams than actual hacking. Phishing scams rely on social engineering techniques (sending you a DM-direct message - to get you to click on a link or input sensitive information). Oftentimes, older users are easier targets and then they will target people on that person’s list. However, the phishing scams that are compromising Facebook fan pages don’t care about age. They create a sense of urgency about your Facebook page’s status to get you to click a link to take you to a page that will require you to input sensitive information. Here’s an example of a phishing scam that may be the culprit in so many Facebook fan pages being lost. And his one was sent to one of the fan pages I operate.
Unfortunately, Facebook does not offer any way for fan pages to immediately report these messages. The only option is to block them and delete the conversation, which will still allow them to prey on other people. Facebook does, however, offer other security measures that may be helpful.
1. Make the Most of Facebook’s Security Settings
Facebook has several security features that you can use to protect your account and page. You can access them by going to Settings > Security and Login. Some of the options you can enable are:
Get alerts about unrecognized logins: This will notify you via email, phone, or Facebook if someone tries to log in to your account from a device or browser that you don't usually use.
Use two-factor authentication: This will require you to enter a code that is sent to your phone or email whenever you log in from a new device or browser.
Choose friends to contact if you get locked out: This will allow you to select three to five trusted friends who can help you recover your account if you forget your password or get hacked.
Review where you're logged in: This will show you all the devices and browsers that are currently logged in to your account. You can log out of any that you don't recognize or trust.
2. Create a Strong Password
One of the easiest ways for hackers to access your account is by guessing or cracking your password. Therefore, you should create a strong password that is hard to guess and easy to remember. A strong password should:
Be at least eight characters long
Include a mix of uppercase and lowercase letters, numbers, and symbols
Avoid using common words, names, dates, or phrases
Be different from your other passwords
You should change your password regularly and never share it with anyone.
Want to take your first step toward a career in cybersecurity? Get a professional certificate from Google in Cybersecurity, preparing you for your CompTIA+ certification.
3. Use Two-Factor Authentication
As mentioned above, two-factor authentication (2FA) is a security feature that adds an extra layer of protection to your account. It requires you to enter a code that is sent to your phone or email whenever you log in from a new device or browser. This way, even if someone knows your password, they won't be able to access your account without the code.
To enable 2FA on Facebook, go to Settings > Security and Login > Two-Factor Authentication and follow the instructions.
4. Read Emails Facebook Sends Out
Facebook will send you emails about important changes or updates to your account or page. For example, if someone tries to reset your password, change your email address, or add a new admin to your page, you will receive an email notification. You should always read these emails carefully and verify if they are legitimate. If you notice any suspicious activity, you should act immediately by changing your password, reporting the issue to Facebook, or contacting the other admins of your page.
5. Have Multiple Admins for the Account
Having multiple admins for your Facebook fan page can help you prevent hackers from taking over your page. If one admin gets hacked, the other admins can still access the page and remove the hacker's access. They can also help you recover the page if it gets deleted or disabled.
However, you should be careful about who you give admin access to. You should only choose people who are trustworthy, reliable, and familiar with Facebook's policies and guidelines. You should also use proper page admin levels to assign different roles and permissions to each admin. Do not give admin access to anyone all willy-nilly.
6. Use Proper Page Admin Levels
Facebook allows you to assign different roles and permissions to each person who works on your page. There are six levels of page admin roles:
Admin: Can manage all aspects of the page, including sending messages, publishing posts, creating ads, viewing insights, adding or removing other admins, and deleting the page.
Editor: Can do everything an admin can do except add or remove other admins and delete the page.
Moderator: Can send messages, respond to comments, create ads, view insights, and ban or unban people from the page.
Advertiser: Can create ads and view insights.
Analyst: Can only view insights.
Jobs Manager: Can create job posts and manage applications.
You should use these roles wisely and only give people the level of access they need to do their job. For example, if someone only needs to create ads for your page, you can make them an advertiser instead of an editor.
7. Report Any Unusual Activity to Facebook
If you notice any unusual activity on your Facebook fan page, such as spam posts, fake likes, unauthorized changes, or hacking attempts, you should report it to Facebook as soon as possible. You can do this by going to the page, clicking on the three dots icon, and selecting Find Support or Report Page. You can also contact Facebook's support team directly by going to facebook.com/help.
Fans can help too. If you see an unusual posting or a change in posting habits, say going from posting only Overwatch memes to spamming pictures of wrestling women and then changing the name of the page and not the page’s affiliation with the group it’s associated with you can report that page for spam.
8. Log Out of Facebook After Using Shared Computers
If you use a shared computer, such as at a library, school, or office, you should always log out of your Facebook account after you finish using it. This will prevent other people from accessing your account or page without your permission. You should also avoid saving your password or using the "remember me" option on shared computers.
9. Educate Yourself and Your Team
Finally, you should educate yourself and your team about the best practices and latest trends in Facebook security. You can follow Facebook's official pages and blogs, such as Facebook for Business and Facebook Security, to get updates and tips on how to protect your account and page. You can also take advantage of Facebook's free online courses and resources, such as Blueprint and Learn How.
Remember to stay vigilant, don’t click on any links especially if the message expresses urgency about your account or family.
